Merge branch 'main' of https://github.com/auth0/auth0-cli into DXCDT-…

…586-select-multiple-ids-for-delete-resource

docs/auth0_apis_create.md

@@ -25,7 +25,8 @@ auth0 apis create [flags]
   auth0 apis create --name myapi --identifier http://my-api --token-lifetime 6100
   auth0 apis create --name myapi --identifier http://my-api --token-lifetime 6100 --offline-access=true
   auth0 apis create --name myapi --identifier http://my-api --token-lifetime 6100 --offline-access=false --scopes "letter:write,letter:read"
-  auth0 apis create -n myapi -i http://my-api -t 6100 -o false -s "letter:write,letter:read" --json
+  auth0 apis create --name myapi --identifier http://my-api --token-lifetime 6100 --offline-access=false --scopes "letter:write,letter:read" --signing-alg "RS256"
+  auth0 apis create -n myapi -i http://my-api -t 6100 -o false -s "letter:write,letter:read" --signing-alg "RS256" --json
 ```
 
 
@@ -37,6 +38,7 @@ auth0 apis create [flags]
   -n, --name string          Name of the API.
   -o, --offline-access       Whether Refresh Tokens can be issued for this API (true) or not (false).
   -s, --scopes strings       Comma-separated list of scopes (permissions).
+      --signing-alg string   Algorithm used to sign JWTs. Can be HS256 or RS256. PS256 available via addon. (default "RS256")
   -l, --token-lifetime int   The amount of time in seconds that the token will be valid after being issued. Default value is 86400 seconds (1 day).
 ```
 

docs/auth0_apis_update.md

@@ -24,8 +24,8 @@ auth0 apis update [flags]
   auth0 apis update <api-id|api-audience> --name myapi
   auth0 apis update <api-id|api-audience> --name myapi --token-lifetime 6100
   auth0 apis update <api-id|api-audience> --name myapi --token-lifetime 6100 --offline-access=false
-  auth0 apis update <api-id|api-audience> --name myapi --token-lifetime 6100 --offline-access=false --scopes "letter:write,letter:read"
-  auth0 apis update <api-id|api-audience> -n myapi -t 6100 -o false -s "letter:write,letter:read" --json
+  auth0 apis update <api-id|api-audience> --name myapi --token-lifetime 6100 --offline-access=false --scopes "letter:write,letter:read" --signing-alg "RS256"
+  auth0 apis update <api-id|api-audience> -n myapi -t 6100 -o false -s "letter:write,letter:read" --signing-alg "RS256" --json
 ```
 
 
@@ -36,6 +36,7 @@ auth0 apis update [flags]
   -n, --name string          Name of the API.
   -o, --offline-access       Whether Refresh Tokens can be issued for this API (true) or not (false).
   -s, --scopes strings       Comma-separated list of scopes (permissions).
+      --signing-alg string   Algorithm used to sign JWTs. Can be HS256 or RS256. PS256 available via addon. (default "RS256")
   -l, --token-lifetime int   The amount of time in seconds that the token will be valid after being issued. Default value is 86400 seconds (1 day).
 ```
 

go.mod

@@ -5,7 +5,7 @@ go 1.21
 require (
 	github.com/AlecAivazis/survey/v2 v2.3.7
 	github.com/PuerkitoBio/rehttp v1.3.0
-	github.com/auth0/go-auth0 v1.3.0
+	github.com/auth0/go-auth0 v1.3.1
 	github.com/briandowns/spinner v1.23.0
 	github.com/charmbracelet/glamour v0.6.0
 	github.com/fsnotify/fsnotify v1.7.0

go.sum

@@ -18,8 +18,8 @@ github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/
 github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
 github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew1u1fNQOlOtuGxQY=
 github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4=
-github.com/auth0/go-auth0 v1.3.0 h1:46bo0C6HYtsdSj4BEF4j6IaQrSAiUqehwuv+IO3qDJ0=
-github.com/auth0/go-auth0 v1.3.0/go.mod h1:gm0NUM340x77a9YVZB50HUrJJkSchD9DkiqqbAl+s34=
+github.com/auth0/go-auth0 v1.3.1 h1:J9QIKOMKs/uE9eo1OvTHfci8inuPau0M4WSgdNmPRaQ=
+github.com/auth0/go-auth0 v1.3.1/go.mod h1:lpfYGQAGw5RFFWCmVc0kJI4c6w9mA1CbEaJfZ7xZycw=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
 github.com/aymanbagabas/go-osc52 v1.0.3 h1:DTwqENW7X9arYimJrPeGZcV0ln14sGMt3pHZspWD+Mg=

internal/cli/actions.go

@@ -377,9 +377,7 @@ func deleteActionCmd(cli *cli) *cobra.Command {
 					return err
 				}
 			} else {
-				for _, id := range args[0:] {
-					ids = append(ids, id)
-				}
+				ids = append(ids, args...)
 			}
 
 			if !cli.force && canPrompt(cmd) {

internal/cli/apis.go

@@ -15,6 +15,8 @@ import (
 	"github.com/auth0/auth0-cli/internal/prompt"
 )
 
+const apiDefaultTokenLifetime = 86400
+
 var (
 	apiID = Argument{
 		Name: "Id",
@@ -55,6 +57,11 @@ var (
 		Help:         "Whether Refresh Tokens can be issued for this API (true) or not (false).",
 		AlwaysPrompt: true,
 	}
+	apiSigningAlgorithm = Flag{
+		Name:     "Signing Algorithm",
+		LongForm: "signing-alg",
+		Help:     "Algorithm used to sign JWTs. Can be HS256 or RS256. PS256 available via addon.",
+	}
 	apiNumber = Flag{
 		Name:      "Number",
 		LongForm:  "number",
@@ -204,6 +211,7 @@ func createAPICmd(cli *cli) *cobra.Command {
 		Scopes             []string
 		TokenLifetime      int
 		AllowOfflineAccess bool
+		SigningAlgorithm   string
 	}
 
 	cmd := &cobra.Command{
@@ -220,7 +228,8 @@ func createAPICmd(cli *cli) *cobra.Command {
   auth0 apis create --name myapi --identifier http://my-api --token-lifetime 6100
   auth0 apis create --name myapi --identifier http://my-api --token-lifetime 6100 --offline-access=true
   auth0 apis create --name myapi --identifier http://my-api --token-lifetime 6100 --offline-access=false --scopes "letter:write,letter:read"
-  auth0 apis create -n myapi -i http://my-api -t 6100 -o false -s "letter:write,letter:read" --json`,
+  auth0 apis create --name myapi --identifier http://my-api --token-lifetime 6100 --offline-access=false --scopes "letter:write,letter:read" --signing-alg "RS256"
+  auth0 apis create -n myapi -i http://my-api -t 6100 -o false -s "letter:write,letter:read" --signing-alg "RS256" --json`,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			if err := apiName.Ask(cmd, &inputs.Name, nil); err != nil {
 				return err
@@ -234,7 +243,7 @@ func createAPICmd(cli *cli) *cobra.Command {
 				return err
 			}
 
-			defaultTokenLifetime := strconv.Itoa(apiDefaultTokenLifetime())
+			defaultTokenLifetime := strconv.Itoa(apiDefaultTokenLifetime)
 			if err := apiTokenLifetime.Ask(cmd, &inputs.TokenLifetime, &defaultTokenLifetime); err != nil {
 				return err
 			}
@@ -243,31 +252,41 @@ func createAPICmd(cli *cli) *cobra.Command {
 				return err
 			}
 
+			if err := apiSigningAlgorithm.Ask(cmd, &inputs.SigningAlgorithm, auth0.String("RS256")); err != nil {
+				return err
+			}
+
 			api := &management.ResourceServer{
 				Name:               &inputs.Name,
 				Identifier:         &inputs.Identifier,
 				AllowOfflineAccess: &inputs.AllowOfflineAccess,
 				TokenLifetime:      &inputs.TokenLifetime,
+				SigningAlgorithm:   &inputs.SigningAlgorithm,
 			}
 
 			if len(inputs.Scopes) > 0 {
 				api.Scopes = apiScopesFor(inputs.Scopes)
 			}
 
-			// Set token lifetime
 			if inputs.TokenLifetime <= 0 {
-				api.TokenLifetime = auth0.Int(apiDefaultTokenLifetime())
+				api.TokenLifetime = auth0.Int(apiDefaultTokenLifetime)
 			} else {
 				api.TokenLifetime = auth0.Int(inputs.TokenLifetime)
 			}
 
 			if err := ansi.Waiting(func() error {
 				return cli.api.ResourceServer.Create(cmd.Context(), api)
 			}); err != nil {
-				return fmt.Errorf("An unexpected error occurred while attempting to create an API with name '%s' and identifier '%s': %w", inputs.Name, inputs.Identifier, err)
+				return fmt.Errorf(
+					"failed to create an API with name '%s' and identifier '%s': %w",
+					inputs.Name,
+					inputs.Identifier,
+					err,
+				)
 			}
 
 			cli.renderer.APICreate(api)
+
 			return nil
 		},
 	}
@@ -278,6 +297,7 @@ func createAPICmd(cli *cli) *cobra.Command {
 	apiScopes.RegisterStringSlice(cmd, &inputs.Scopes, nil)
 	apiOfflineAccess.RegisterBool(cmd, &inputs.AllowOfflineAccess, false)
 	apiTokenLifetime.RegisterInt(cmd, &inputs.TokenLifetime, 0)
+	apiSigningAlgorithm.RegisterString(cmd, &inputs.SigningAlgorithm, "RS256")
 
 	return cmd
 }
@@ -289,6 +309,7 @@ func updateAPICmd(cli *cli) *cobra.Command {
 		Scopes             []string
 		TokenLifetime      int
 		AllowOfflineAccess bool
+		SigningAlgorithm   string
 	}
 
 	cmd := &cobra.Command{
@@ -304,26 +325,23 @@ func updateAPICmd(cli *cli) *cobra.Command {
   auth0 apis update <api-id|api-audience> --name myapi
   auth0 apis update <api-id|api-audience> --name myapi --token-lifetime 6100
   auth0 apis update <api-id|api-audience> --name myapi --token-lifetime 6100 --offline-access=false
-  auth0 apis update <api-id|api-audience> --name myapi --token-lifetime 6100 --offline-access=false --scopes "letter:write,letter:read"
-  auth0 apis update <api-id|api-audience> -n myapi -t 6100 -o false -s "letter:write,letter:read" --json`,
+  auth0 apis update <api-id|api-audience> --name myapi --token-lifetime 6100 --offline-access=false --scopes "letter:write,letter:read" --signing-alg "RS256"
+  auth0 apis update <api-id|api-audience> -n myapi -t 6100 -o false -s "letter:write,letter:read" --signing-alg "RS256" --json`,
 		RunE: func(cmd *cobra.Command, args []string) error {
-			var current *management.ResourceServer
-
 			if len(args) == 0 {
-				err := apiID.Pick(cmd, &inputs.ID, cli.apiPickerOptions)
-				if err != nil {
+				if err := apiID.Pick(cmd, &inputs.ID, cli.apiPickerOptions); err != nil {
 					return err
 				}
 			} else {
 				inputs.ID = args[0]
 			}
 
-			if err := ansi.Waiting(func() error {
-				var err error
-				current, err = cli.api.ResourceServer.Read(cmd.Context(), url.PathEscape(inputs.ID))
+			var current *management.ResourceServer
+			if err := ansi.Waiting(func() (err error) {
+				current, err = cli.api.ResourceServer.Read(cmd.Context(), inputs.ID)
 				return err
 			}); err != nil {
-				return fmt.Errorf("Unable to load API: %w", err)
+				return fmt.Errorf("failed to find API with ID %q: %w", inputs.ID, err)
 			}
 
 			if err := apiName.AskU(cmd, &inputs.Name, current.Name); err != nil {
@@ -334,48 +352,55 @@ func updateAPICmd(cli *cli) *cobra.Command {
 				return err
 			}
 
-			currentTokenLifetime := strconv.Itoa(auth0.IntValue(current.TokenLifetime))
-			if err := apiTokenLifetime.AskU(cmd, &inputs.TokenLifetime, &currentTokenLifetime); err != nil {
+			currentTokenLifetime := strconv.Itoa(current.GetTokenLifetime())
+			if err := apiTokenLifetime.AskIntU(cmd, &inputs.TokenLifetime, &currentTokenLifetime); err != nil {
 				return err
 			}
 
 			if !apiOfflineAccess.IsSet(cmd) {
-				inputs.AllowOfflineAccess = auth0.BoolValue(current.AllowOfflineAccess)
+				inputs.AllowOfflineAccess = current.GetAllowOfflineAccess()
 			}
 
 			if err := apiOfflineAccess.AskBoolU(cmd, &inputs.AllowOfflineAccess, current.AllowOfflineAccess); err != nil {
 				return err
 			}
 
+			if err := apiSigningAlgorithm.AskU(cmd, &inputs.SigningAlgorithm, current.SigningAlgorithm); err != nil {
+				return err
+			}
+
 			api := &management.ResourceServer{
 				AllowOfflineAccess: &inputs.AllowOfflineAccess,
 			}
 
-			if len(inputs.Name) == 0 {
-				api.Name = current.Name
-			} else {
+			api.Name = current.Name
+			if len(inputs.Name) != 0 {
 				api.Name = &inputs.Name
 			}
 
-			if len(inputs.Scopes) == 0 {
-				api.Scopes = current.Scopes
-			} else {
+			api.Scopes = current.Scopes
+			if len(inputs.Scopes) != 0 {
 				api.Scopes = apiScopesFor(inputs.Scopes)
 			}
 
-			if inputs.TokenLifetime == 0 {
-				api.TokenLifetime = current.TokenLifetime
-			} else {
+			api.TokenLifetime = current.TokenLifetime
+			if inputs.TokenLifetime != 0 {
 				api.TokenLifetime = &inputs.TokenLifetime
 			}
 
+			api.SigningAlgorithm = current.SigningAlgorithm
+			if inputs.SigningAlgorithm != "" {
+				api.SigningAlgorithm = &inputs.SigningAlgorithm
+			}
+
 			if err := ansi.Waiting(func() error {
 				return cli.api.ResourceServer.Update(cmd.Context(), current.GetID(), api)
 			}); err != nil {
-				return fmt.Errorf("An unexpected error occurred while trying to update an API with Id '%s': %w", inputs.ID, err)
+				return fmt.Errorf("failed to update the API with ID %q: %w", inputs.ID, err)
 			}
 
 			cli.renderer.APIUpdate(api)
+
 			return nil
 		},
 	}
@@ -385,6 +410,7 @@ func updateAPICmd(cli *cli) *cobra.Command {
 	apiScopes.RegisterStringSliceU(cmd, &inputs.Scopes, nil)
 	apiOfflineAccess.RegisterBoolU(cmd, &inputs.AllowOfflineAccess, false)
 	apiTokenLifetime.RegisterIntU(cmd, &inputs.TokenLifetime, 0)
+	apiSigningAlgorithm.RegisterStringU(cmd, &inputs.SigningAlgorithm, "RS256")
 
 	return cmd
 }
@@ -409,9 +435,7 @@ func deleteAPICmd(cli *cli) *cobra.Command {
 					return err
 				}
 			} else {
-				for _, id := range args[0:] {
-					ids = append(ids, id)
-				}
+				ids = append(ids, args...)
 			}
 
 			if !cli.force && canPrompt(cmd) {
@@ -552,10 +576,6 @@ func apiScopesFor(scopes []string) *[]management.ResourceServerScope {
 	return &models
 }
 
-func apiDefaultTokenLifetime() int {
-	return 86400
-}
-
 func (c *cli) apiPickerOptions(ctx context.Context) (pickerOptions, error) {
 	return c.filteredAPIPickerOptions(ctx, func(r *management.ResourceServer) bool {
 		return true

internal/cli/apps.go

@@ -324,9 +324,7 @@ func deleteAppCmd(cli *cli) *cobra.Command {
 					return err
 				}
 			} else {
-				for _, id := range args[0:] {
-					ids = append(ids, id)
-				}
+				ids = append(ids, args...)
 			}
 
 			if !cli.force && canPrompt(cmd) {

internal/cli/custom_domains.go

@@ -345,9 +345,7 @@ func deleteCustomDomainCmd(cli *cli) *cobra.Command {
 					return err
 				}
 			} else {
-				for _, id := range args[0:] {
-					ids = append(ids, id)
-				}
+				ids = append(ids, args...)
 			}
 
 			if !cli.force && canPrompt(cmd) {

internal/cli/log_streams.go

@@ -189,9 +189,7 @@ func deleteLogStreamCmd(cli *cli) *cobra.Command {
 					return err
 				}
 			} else {
-				for _, id := range args[0:] {
-					ids = append(ids, id)
-				}
+				ids = append(ids, args...)
 			}
 
 			if !cli.force && canPrompt(cmd) {

internal/cli/organizations.go

@@ -429,9 +429,7 @@ func deleteOrganizationCmd(cli *cli) *cobra.Command {
 					return err
 				}
 			} else {
-				for _, id := range args {
-					ids = append(ids, id)
-				}
+				ids = append(ids, args...)
 			}
 
 			if !cli.force && canPrompt(cmd) {

internal/cli/roles.go

@@ -302,9 +302,7 @@ func deleteRoleCmd(cli *cli) *cobra.Command {
 					return err
 				}
 			} else {
-				for _, id := range args {
-					ids = append(ids, id)
-				}
+				ids = append(ids, args...)
 			}
 
 			if !cli.force && canPrompt(cmd) {

internal/cli/rules.go

@@ -269,9 +269,7 @@ func deleteRuleCmd(cli *cli) *cobra.Command {
 					return err
 				}
 			} else {
-				for _, id := range args {
-					ids = append(ids, id)
-				}
+				ids = append(ids, args...)
 			}
 
 			if !cli.force && canPrompt(cmd) {

internal/cli/users.go

@@ -378,9 +378,7 @@ func deleteUserCmd(cli *cli) *cobra.Command {
 				}
 				ids = append(ids, id)
 			} else {
-				for _, id := range args {
-					ids = append(ids, id)
-				}
+				ids = append(ids, args...)
 			}
 
 			if !cli.force && canPrompt(cmd) {

internal/cli/users_blocks.go

@@ -80,9 +80,7 @@ func deleteUserBlocksCmd(cli *cli) *cobra.Command {
 				}
 				ids = append(ids, id)
 			} else {
-				for _, id := range args {
-					ids = append(ids, id)
-				}
+				ids = append(ids, args...)
 			}
 
 			return ansi.Spinner("Unblocking user...", func() error {